The goal of this report is to describe in detail two solutions to the problem of complexity reduction in the
amount of hardware needed to implement a tree of Galois linear modules for the Galois field GF(2^n). The
solutions can be broken into two cases: reduction of the number of modules in a tree, and reduction of
the complexity of each module. The solution to the first problem is the use of sequential trees, a topic which
is discussed in paragraph 3.2. Far more sophisticated is the solution to the second problem. This approach
involves the idea of subfield multipliers, and it generalizes to arbitrary Galois fields GF(p^n), where p is a prime.

The subject discussed in most of this report is Galois subfield multiplication for arbitrary Galois fields
GF(p^n), with a special emphasis on the fields GF(2^n). In the latter fields it has been known for some time
that the Galois multiplier designed by J. T. Ellison [1] does the multiplication in the binary field GF(2^1) =
{0, 1}. It turns out that for GF(p^n) in general and for GF(2^n) in particular, multiplication can be carried
out with arbitrary subfield multipliers. In order to reduce the complexity of the GF(p^n) multiplier, it is
necessary to do the multiplication in a sequential mode. The process of subfield multiplication implies a
potential for using multi-level logic circuits. If the number of levels is a power of two, subfield multiplication
of the elements in GF(2^n) can be done with less hardware and without as much loss of speed as would
result if subfield multiplication were done with binary circuits.

Section 2 will be devoted to the known facts that are needed to discuss the reduced trees and subfield
multiplication topics in Section 3. Some of this material can be found in previous Sperry Univac reports on
Galois logic design, but most can be found only in mathematical textbooks.

In Section 3, two methods of reducing the complexity of a full tree of Galois linear modules are discussed:
a reduced tree which lowers the number of modules in a full tree, and a subfield multiplier which reduces
the complexity of the individual module. The subfield multiplication can take place for any Galois field
GF(p^n), whereas consideration of a reduced tree is relevant only for GF(2^n).

Also in this section a theoretical discussion needed for the generation of larger Galois fields from subfields
is given. The remainder of Section 3 is devoted to a detailed exposition of the construction of a GF(2 )
multiplier over GF(2**) and of a GF(3'^) multiplier over GF(3~T

Finally, an appendix is added for completeness. In it the basis product matrices used in the construction of
GF(p^n) multipliers are discussed.
SECTION 2

GALOIS FIELD DEFINITIONS

Since Galois fields play a central role in this report, a precise definition of a Galois field is given in this
section. First, the definition of a mathematical field is necessary.

DEFINITION: Let D be a set of elements a, b, c, ... for which the sum a + b and the product ab of any two
elements a and b (distinct or not) of D are defined. Then D is called a field if the following postulates
(i) - (x) hold:

(i) Closure. If a and b are in D, then the sum a + b and the product ab are in D.

(ii) Uniqueness. If a = a' and b = b' in D, then a + b = a' + b' and ab = a'b'.

(iii) Commutative Laws. For all a and b in D, a + b = b + a and ab = ba.

(iv) Associative Laws. For all a, b, and c in D, a + (b + c) = (a + b) + c and a(bc) = (ab)c;

(v) Distributive Law. For all a, b, and c in D, a(b + c) = ab + ac;

(vi) Zero. D contains an element 0 such that a + 0 = a, for all a in D;

(vii) Unity. D contains an element 1 ≠ 0 such that a1 = a for all a in D.

(viii) Additive Inverse. For each a in D, the equation a + x = 0 has a solution x in D.

(ix) Cancellation Law. If c ≠ 0 and ca = cb, then a = b.

(x) Inverse. Every nonzero element a of D has an inverse a^(-1) satisfying the equation a^(-1) a = 1.


By [2, Theorem n 4], the residue classes of integers modulo any prime number p form a field of p elements
called the Galois field GF(p). It can be shown that there is at least one irreducible polynomial of every
degree over GF(p) (such a polynomial f is one with no roots in GF(p), i.e., f(y) ≠ 0 for every y in GF(p))
[2, page I .^5]. In fact, for any positive integer n there is a polynomial f of degree n which generates the
Galois field of p^n elements, called GF(p^n), where GF(p^n) = {0, t, t^2, ..., t^(p^n - 1) = 1} for a root t of f. In
this case t is called a primitive element of GF(p^n) and f is called a primitive polynomial. Every element x of
GF(p^n) can also be expressed in the form

$$x = c_0 + c_1 t + \cdots + c_{n-1} t^{n-1} \quad (c_i \in GF(p)). \qquad (2.1)$$

In this case x is written (c_0, c_1, ..., c_(n-1)), which is called the p-nary component form of x (if p = 2, it is
called the binary form, and if p = 3, it is called the ternary form). The procedure for relating the two
representations of x, the power form and the component form, is via the primitive polynomial f. The set of the
component forms of all the elements x in GF(p^n) in relation to the power forms of these elements is called
a code for GF(p^n). Such a code has the property that, for x = (c_0, c_1, ..., c_(n-1)) and y =
(d_0, d_1, ..., d_(n-1)), x + y = (c_0 ⊕ d_0, c_1 ⊕ d_1, ..., c_(n-1) ⊕ d_(n-1)), where ⊕ denotes addition modulo p.
Multiplication of two elements x and y in GF(p^n) is more easily carried out when x and y are written in
their power forms, say x = t^j and y = t^k. Then xy = t^(j+k), where j and k are summed modulo (p^n - 1). In
the remainder of the paper, for notational convenience, the component form of an arbitrary element of
GF(p^n) will be written c_0 c_1 ... c_(n-1) instead of (c_0, c_1, ..., c_(n-1)).


It is well known that every finite field is the Galois field GF(p^n) for some prime p and positive integer n
[2, Section 6.5]. It is also true that GF(p^n) minus its 0 element, denoted GF(p^n) - {0}, is a multiplicative
group [2, Section 6.6]. (A group G is a set with a single operation such that the product (sum) of every two
elements in G is a third element of G, there is a multiplicative (additive) identity of G, denoted 1 (0), and every
element of G has a multiplicative (additive) inverse.) It was pointed out earlier that t^(p^n - 1) = 1 for a primitive
element t of GF(p^n). In fact, x^(p^n - 1) = 1 for every element x ≠ 0 in GF(p^n) [2, Theorem 6.18]. The number
p^n - 1 is called the order of the group GF(p^n) - {0}. Since every element x of GF(p^n) - {0} is a power of a
primitive element t, i.e., x = t^j for some integer j between 1 and p^n - 1 (p^n - 1 ≡ 0 mod (p^n - 1)), GF(p^n) - {0}
is a cyclic group [2, page 157]. In this paper GF(p^n) - {0} will often be referred to as the cyclic group of
GF(p^n).

Another mathematical structure of interest in this paper is the subfield. A subfield F of an arbitrary Galois
field GF(p^n) is a subset of GF(p^n) which is itself a field under the operations of addition and multiplication
in GF(p^n). All subfields of the Galois field GF(p^n) are necessarily GF(p^m) for some integer m dividing n
[3, page 447]. It can be seen in equation (2.1) and in the paragraph following (2.1) that every element x in
GF(p^n) can be written in its component form x = c_0 c_1 ... c_(n-1) over GF(p). The set {1, t, t^2, ..., t^(n-1)}
is called a basis for GF(p^n) over GF(p). More generally, if GF(p^m) is an arbitrary subfield of GF(p^n), then
the set {1, t, t^2, ..., t^((n/m)-1)} of n/m elements is a basis for GF(p^n) over GF(p^m). Moreover, by the same
method that GF(p^n) can be generated from GF(p) by a primitive polynomial over GF(p) of degree n, GF(p^n)
can be generated from GF(p^m) by a primitive polynomial over GF(p^m) of degree n/m. Also, every element x
in GF(p^n) can be written as

x = a_0 · 1 + a_1 · t + ...                                                                    (2.2)

with coefficients a_0, a_1, ...


Much of the work on Galois logic design that has been done by Sperry Univac has been concerned with
implementation of an arbitrary function/polynomial over the Galois field GF(2^n). The solution to the
implementation problem chosen by Sperry Univac is a tree network of Galois linear modules. The Galois linear
module, pictured in Figure 2-1 (external view) and in Figure 2-2 (internal view), is basically a GF(2^n) multiplier
with a few exclusive-or gates added at the end in order to make a linear function. The tree of linear
modules is shown in Figure 2-3. Notice that there are 15 modules in this tree, and that 15 = 2^4 - 1. For
arbitrary n there are 2^n - 1 Galois linear modules in a full, or universal, tree.

Ellison [4] also addressed the problem of doing constant multiplication by a single element of a Galois field.
The big advantage of doing constant multiplication is that there is much less circuitry involved than in the
full multiplier. The reason that constant multipliers are important in the context of this report is that they
are used often in subfield multipliers, as will be seen in Sections 4.2 and 4.3. The constant multipliers
described by Ellison in [4] are called Beethoven multipliers and the concept of multiplication by a constant in
a Galois field is called Beethoven reduction.


FIGURE 2-1. EXTERNAL VIEW OF GALOIS LINEAR MODULE (GLM)
3.1 INTRODUCTION

The original thrust of Galois logic design was a universal one. In fact, for the most part, the research done
to date has been directed toward designing circuits capable of doing arbitrary functions in a Galois field.
Thus, the complexity of Galois circuits has been greater than if the circuits were devised for a specific
function. In order to maintain the generality with a more reasonable amount of hardware, methods of
reducing the complexity of the Galois circuits were studied. Two different approaches were investigated: a
reduction in the number of modules in a tree, and a reduction in the size of a module by doing subfield
multiplication. In this section these two methods will be discussed: Section 3.2 deals with sequential trees
and Section 3.3 considers subfield multipliers.

3.2  SEQUENTIAL  TREES 

For a full tree of GF(2^n) Galois linear modules there are (2^n - 1) modules, as was pointed out in Section
2. For large n, (2^n - 1) can be prohibitively large and so it is of interest to reduce the number of modules in
a full tree without losing computing capability. It turns out that if n is an even integer, say n = 2k, then

$$2^n - 1 = 2^{2k} - 1 = (2^k)^2 - 1^2 = (2^k - 1)(2^k + 1).$$

This factorization of the number of modules in a GF(2^n) tree into two numbers, one of which is the number
of modules in a full GF(2^k) tree, suggests that sequential operation of a GF(2^k) tree with (2^k + 1) passes
will simulate a GF(2^n) tree. Figure 3-1 is a reduced tree of (2^k - 1) = 2^(n/2) - 1 Galois linear modules. The
first 2^(n/2) passes are made with the coefficients of the polynomial and the outputs f_j are stored in a storage
register. The final pass is made with these outputs used as the coefficients, at which time the variable
inputs of each module are altered in order to allow for the change in the levels of the original tree that the
reduced tree simulates in its last pass.
For a given n there may be many factorizations of (2^n - 1). For example, if n is even there are always
factorizations of (2^n - 1) other than (2^(n/2) - 1)(2^(n/2) + 1) [2, page 474]. In fact (2^n - 1) has
3 as a factor since 2^(n/2) - 1 and 2^(n/2) + 1 are two consecutive odd numbers encompassing 2^(n/2),
which clearly does not have 3 as a factor. Therefore, either 2^(n/2) - 1 or 2^(n/2) + 1 has a factor of 3.

Thus, for even n, a full tree of (2^n - 1) Galois linear modules can be replaced either by a tree of 2^(n/2) - 1
modules or by a tree of (2^2 - 1) = 3 modules. It is also important to observe that for odd n, 2^n - 1 may be
prime; for example, if n = 3 or 5, 2^n - 1 is prime.


FIGURE 3-1. A REDUCED TREE OF GALOIS LINEAR MODULES IN GF(2^n)

Note that in the description given above only the size of the tree is altered. The size of the individual
modules remains the same. The amount of hardware involved in the individual modules can be reduced also,
which is the subject of the next paragraph. The advantages of the two concepts of hardware reduction, when
combined, should be the subject of a future study.

3.3  SUBFIELD  MULTIPLIERS 

The theoretical background needed to develop the idea of Galois subfield multiplication begins with the
fact that every Galois field can be generated from any one of its subfields by a primitive polynomial over
that subfield by the method described in Section 2. If GF(p^n) is the larger field, and if GF(p^m) is a subfield
of GF(p^n), then m divides n, and there exists at least one primitive polynomial of degree n/m over GF(p^m)
which generates GF(p^n) [2, Section 6.6]. For each primitive polynomial there are several bases which can
be used to develop the code for the larger field. The process which will be discussed below for doing
subfield multiplication suggests using for a basis the (n/m) elements of GF(2^n), 1, γ, γ^2, ..., γ^((n/m)-1), for γ
a root of the selected primitive polynomial. This basis allows for an easier determination of the code
representation of the larger field written with the elements of GF(2^m) as coefficients (see equation (2.2)). In
the remainder of this paragraph the theoretical aspects of subfield multiplication are discussed. Let n be a
positive integer and consider the Galois field GF(p^n). Let γ be a primitive element of GF(p^n). The
minimum polynomial of γ^k for any positive integer k is the polynomial of lowest degree over GF(p) for which
γ^k is a root. All elements of GF(p^n) which have the same minimum polynomial as γ^k are called conjugate
elements of γ^k [5]. The totality of such elements forms a so-called cyclotomic coset. Since every element
of the coset is a root of the same minimum polynomial, the size of the coset is the same as the degree of
the corresponding minimum polynomial. In view of the fact that the minimum polynomial of each coset
divides the polynomial x^(p^n) - x [2, Theorem 6.23], and that the minimum polynomials are irreducible [2,
Theorem 6.15], the minimum polynomial of each coset has degree less than or equal to n [2, Theorem 6.24].

Hence, the number of elements in each coset of GF(p^n) is less than or equal to n. It is well-known that if γ
is an element of GF(p^n) with minimum polynomial f(x) of degree k, then γ, γ^p, γ^(p^2), ..., γ^(p^(k-1)) are all the
roots of f(x) [2, Theorem 6.25]. Hence, the coset of γ is precisely {γ, γ^p, ..., γ^(p^(k-1))}. More generally, if
the base field is an arbitrary subfield GF(p^m) of GF(p^n) instead of GF(p), the concepts of minimum
polynomial, conjugation, and cyclotomic cosets over GF(p^m) carry over from GF(p). In particular, the
following proposition gives a description of these generalized cyclotomic cosets.

PROPOSITION 3-1: Let γ be a primitive element of GF(p^n) and let j be any positive integer less than n. If
m is a positive integer dividing n, say n = md, then the set of conjugates of γ^j (including γ^j) with respect to
GF(p^m) is precisely the set of elements {(γ^j)^(p^(tm)) | t = 0, 1, ..., d - 1}.

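Proof: Recall that two elements are conjugates if they satisfy the same irreducible polynomial. Thus, if
f(x) = x^d + a_(d-1) x^(d-1) + ... + a_1 x + a_0 is an irreducible polynomial of degree d over GF(2^m)
with root γ^j, then

$$\begin{aligned}
f\big((\gamma^j)^{p^{tm}}\big) &= \big((\gamma^j)^{p^{tm}}\big)^d + a_{d-1}\big((\gamma^j)^{p^{tm}}\big)^{d-1} + \cdots + a_1 (\gamma^j)^{p^{tm}} + a_0 \\
&= \big((\gamma^j)^d\big)^{p^{tm}} + a_{d-1}^{\,p^{tm}} \big((\gamma^j)^{d-1}\big)^{p^{tm}} + \cdots + a_1^{\,p^{tm}} (\gamma^j)^{p^{tm}} + a_0^{\,p^{tm}} \\
&= \big((\gamma^j)^d + a_{d-1} (\gamma^j)^{d-1} + \cdots + a_1 \gamma^j + a_0\big)^{p^{tm}} \\
&= 0.
\end{aligned}$$

Note that (a_i)^(p^(tm)) = a_i, since a_i is an element of GF(p^m), for every i = 0, 1, ..., d-1 and for every
t = 0, 1, ..., d-1.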
It should be pointed out that there may be fewer than n/m = d distinct conjugates of γ^j, a situation which
can arise only if j is a divisor of p^n - 1.

Recall from Section 2 that every Galois field can be generated from any of its subfields by a primitive
polynomial over the subfield. The primitive polynomials are among the minimum polynomials of elements of
the subfield (all minimum polynomials are irreducible, but are not necessarily primitive). It is of interest to
know which minimum polynomials are primitive to see the various paths with which to form a larger field
from a subfield. It will be shown below that minimum polynomials which are primitive can be distinguished
from nonprimitive polynomials by looking at the corresponding cyclotomic cosets. First, though, two
examples of a breakdown of GF(2^4) into cyclotomic cosets, over GF(2^1) and over GF(2^2), are given in
Tables 3-1 and 3-2. Also listed are the corresponding minimum polynomials. In Table 3-2, the element t of
GF(2^2) is a root of x^2 + x + 1.

TABLE 3-1. CYCLOTOMIC COSETS OF GF(2^4) OVER GF(2^1) [2, PAGE 476]

      COSETS                      MINIMUM POLYNOMIAL          PRIMITIVE
 1.   {g, g^2, g^4, g^8}          x^4 + x^3 + 1               YES
 2.   {g^3, g^6, g^12, g^9}       x^4 + x^3 + x^2 + x + 1     NO
 3.   {g^5, g^10}                 x^2 + x + 1                 NO
 4.   {g^7, g^11, g^13, g^14}     x^4 + x + 1                 YES
 5.   {g^15 = g^0 = 1}            x + 1                       NO

TABLE 3-2. CYCLOTOMIC COSETS OF GF(2^4) OVER GF(2^2)

      COSETS              MINIMUM POLYNOMIAL      PRIMITIVE
 1.   {g, g^4}            x^2 + tx + t            YES
 2.   {g^2, g^8}          x^2 + t^2 x + t^2       YES
 3.   {g^3, g^12}         x^2 + tx + 1            NO
 4.   {g^6, g^9}          x^2 + t^2 x + 1         NO
 5.   {g^5}               x + t                   NO
 6.   {g^10}              x + t^2                 NO
 7.   {g^7, g^13}         x^2 + x + t             YES
 8.   {g^11, g^14}        x^2 + x + t^2           YES
 9.   {g^15 = 1}          x + 1                   NO
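
The code of Section 2 and the minimum polynomials of Table 3-2 can be recomputed directly; the following is an added example, not part of the original report. It assumes g is a root of x^4 + x^3 + 1 (the choice consistent with Table 3-1, where g^7 is a root of x^4 + x + 1) and t = g^5; all function names are illustrative.

```python
"""GF(2^4) from a primitive polynomial, and minimum polynomials over GF(2^2)."""

N = 15            # order of the cyclic group GF(2^4) - {0}
POLY = 0b11001    # x^4 + x^3 + 1: assumed generator polynomial (see lead-in)


def build_code():
    """Return (EXP, LOG); EXP[j] is the binary component form of g^j.

    Bit i of the integer holds the coefficient c_i of g^i.
    """
    exp, x = [], 1
    for _ in range(N):
        exp.append(x)
        x <<= 1                  # multiply by g
        if x & 0b10000:          # reduce with g^4 = g^3 + 1
            x ^= POLY
    return exp, {v: j for j, v in enumerate(exp)}


EXP, LOG = build_code()


def add(a, b):
    """Component-form addition: coefficient-wise sum modulo 2."""
    return a ^ b


def mul(a, b):
    """Power-form multiplication: exponents are summed modulo 2^4 - 1."""
    if a == 0 or b == 0:
        return 0
    return EXP[(LOG[a] + LOG[b]) % N]


# The subfield GF(2^2) = {0, 1, t, t^2}, with t = g^5 an element of order 3.
T = EXP[5]
NAMES = {0: "0", 1: "1", T: "t", mul(T, T): "t^2"}


def conjugates_over_gf4(j):
    """Proposition 3-1 with p = 2, n = 4, m = 2: exponents j * 4^t mod 15."""
    out, e = [], j % N
    while e not in out:
        out.append(e)
        e = (e * 4) % N
    return out


def min_poly_over_gf4(j):
    """Coefficients below the leading 1 of the minimum polynomial of g^j."""
    roots = [EXP[e] for e in conjugates_over_gf4(j)]
    if len(roots) == 1:                    # g^j already lies in GF(2^2)
        return [roots[0]]                  # x + a
    a, b = roots
    return [add(a, b), mul(a, b)]          # x^2 + (a + b)x + ab


def evaluate(coeffs, x):
    """Horner evaluation of the monic polynomial with these lower coefficients."""
    acc = 1
    for c in coeffs:
        acc = add(mul(acc, x), c)
    return acc


def show(coeffs):
    """Name each coefficient as an element of GF(2^2); KeyError if it is not one."""
    return tuple(NAMES[c] for c in coeffs)


if __name__ == "__main__":
    for j in (1, 2, 3, 6, 5, 10, 7, 11, 15):
        print(conjugates_over_gf4(j), show(min_poly_over_gf4(j)))
```

Each printed tuple lists the coefficients after the leading term, so ('t', 't') stands for x^2 + tx + t.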



A necessary condition that a coset correspond to a primitive polynomial, i.e., that the minimum polynomial
of the coset have primitive elements for its roots, is that the coset contain n distinct elements. However,
this condition is not sufficient, as can be seen in Table 3-1 by the coset {g^3, g^6, g^12, g^9}. The reason that
this coset does not consist of primitive elements is that the exponents 3, 6, 12, and 9 have the common
factor of 3 with the order, 15 = 2^4 - 1, of the cyclic group GF(2^4) - {0}. Since cosets with fewer than n
elements correspond to cosets in subfields of GF(2^n), the minimum polynomials corresponding to them
cannot be primitive. Thus, in order to determine the primitive polynomials of GF(2^n) over GF(2), one
first computes the number of n-element cosets of GF(2^n), and then discards the remaining cosets whose
elements have exponents having a common factor (larger than 1) with (2^n - 1), the order of the cyclic
group GF(2^n) - {0} of GF(2^n). In Proposition 3-3 below there is a procedure given for counting the
number of n-element cosets. However, Lemma 3-2, which involves the concept of greatest common
divisor, is needed first.

A few facts concerning the greatest common divisor are now in order. Let n = p_1^(k_1) · p_2^(k_2) ··· p_t^(k_t), the
p_i's distinct primes. Then n/p_1, n/p_2, ..., n/p_t are all divisors of n, in fact, maximal proper divisors of
n, and so GF(p^(n/p_i)) is a maximal subfield of GF(p^n) for every i. In other words, there are no proper
nonzero subfields (i.e., not GF(p^n)) of GF(p^n) containing GF(p^(n/p_i)). The largest number which is a divisor of
two numbers a and b is called the greatest common divisor of a and b, and is written gcd(a, b); for example,
gcd(6, 15) = gcd(2·3, 3·5) = 3.


Lemma 3-2 helps to get an exact count of the number of cosets displayed in Proposition 3-3.

LEMMA 3-2: Let n be a positive integer and suppose that n = p_1^(k_1) · p_2^(k_2) ··· p_t^(k_t), each p_i a distinct
prime, and each k_i a positive integer. Then the greatest common divisor of n/p_1, n/p_2, ..., n/p_t
(gcd(n/p_1, n/p_2, ..., n/p_t)) is p_1^(k_1 - 1) · p_2^(k_2 - 1) ··· p_t^(k_t - 1).


Proof: Let y = p_1^(k_1 - 1) · p_2^(k_2 - 1) ··· p_t^(k_t - 1). Now note that n/p_i = p_1^(k_1) ··· p_i^(k_i - 1) ··· p_t^(k_t)
for every i = 1, 2, ..., t. Therefore, y divides n/p_i for every i = 1, 2, ..., t, and so y divides
gcd(n/p_1, n/p_2, ..., n/p_t). Suppose d is an integer such that yd = gcd(n/p_1, n/p_2, ..., n/p_t).
If d is greater than 1, then d = p_1^(j_1) · p_2^(j_2) ··· p_t^(j_t) where at least one of the j_i's is greater than
0, say j_1. Then

$$yd = \big(p_1^{k_1-1} p_2^{k_2-1} \cdots p_t^{k_t-1}\big)\big(p_1^{j_1} p_2^{j_2} \cdots p_t^{j_t}\big) = p_1^{k_1-1} \cdot p_1^{j_1} \cdot (\text{extraneous}) = p_1^{k_1-1+j_1} \cdot (\text{extraneous}). \qquad (3.2)$$

(The extraneous part is not important to this argument.) Since yd is the greatest common divisor
of n/p_1, ..., n/p_t, yd divides n/p_1 = p_1^(k_1 - 1) · p_2^(k_2) ··· p_t^(k_t) and so, from (3.2),
j_1 = 0, a contradiction to the original assumption that j_1 is greater than 0. Thus, j_i = 0 for
all i = 1, 2, ..., t and so d = 1 and finally y = gcd(n/p_1, n/p_2, ..., n/p_t).

PROPOSITION 3-3: Let n be a positive integer and p be prime, and suppose that n = p_1^(k_1) · p_2^(k_2) ···
p_t^(k_t), the p_i's distinct primes. Then the number T of n-element cyclotomic cosets of GF(p^n) with respect
to GF(p) is

$$T = \frac{1}{n}\Big\{ p^n - \sum_{i=1}^{t} p^{n/p_i} + \sum_{k>j}\sum_{j=1}^{t} p^{\gcd(n/p_j,\,n/p_k)} - \sum_{a,b,c,d} p^{\gcd(\gcd(n/p_a,\,n/p_b),\,\gcd(n/p_c,\,n/p_d))} + \cdots \pm p^{\,p_1^{k_1-1} p_2^{k_2-1} \cdots p_t^{k_t-1}} \Big\}$$


Proof: The proof consists of counting the number of elements in GF(p^n) which lie in cyclotomic cosets
of length n, and then dividing by n.

The first step is to subtract from p^n, the total number of elements in GF(p^n), the totality of
elements of GF(p^n) which lie in maximal subfields of GF(p^n). The number of such elements is

$$\sum_{i=1}^{t} p^{n/p_i} = p^{n/p_1} + p^{n/p_2} + \cdots + p^{n/p_t},$$

i.e., all the elements in the maximal subfields of GF(p^n). However, unless t = 1 (i.e., n is the power
of a single prime number) there are nontrivial intersections among the maximal subfields and so there are
some elements which have been subtracted more than once. Since the intersection of the two maximal
subfields GF(p^(n/p_j)) and GF(p^(n/p_k)) has p^(gcd(n/p_j, n/p_k)) elements for j, k = 1, 2, ..., t, the
number of elements in all of these intersections is

$$\sum_{k>j}\sum_{j=1}^{t} p^{\gcd(n/p_j,\,n/p_k)}$$

and this sum must be added to the total. Once again, there may be a nontrivial intersection of
the fields GF(p^(gcd(n/p_a, n/p_b))) and GF(p^(gcd(n/p_c, n/p_d))) for some a, b, c, d. Hence, the sum

$$\sum_{a}\sum_{b}\sum_{c}\sum_{d} p^{\gcd(\gcd(n/p_a,\,n/p_b),\,\gcd(n/p_c,\,n/p_d))}$$

must be subtracted from the previous total. This process continues until all the pairwise
intersections are the same, at which point the number of elements in this subfield is added or subtracted.
The final sum is the total of all the elements which do not lie in any proper subfield of GF(p^n),
and therefore which do not lie in any coset of length less than n. This total is p_1^(k_1 - 1) · p_2^(k_2 - 1)
··· p_t^(k_t - 1), since it is equal to gcd(n/p_1, n/p_2, ..., n/p_t) (see Lemma 3-2). Dividing by n now
gives the number of n-element cosets.

COROLLARY 3-4: Let n be a positive integer and p a prime. If m is a divisor of n, then the number of
n/m-element cyclotomic cosets in GF(2^n) over GF(2^m) is mT.

Proof: Since one needs a primitive polynomial of degree n/m over GF(2^m) to generate GF(2^n), the
maximum length of a coset in GF(2^n) over GF(2^m) is n/m.

There are T n-element cosets in GF(2^n) and so there are no fewer than (mT) n/m-element cosets
in GF(2^n) over GF(2^m) (since there are a total of nT elements in these cosets, and nT = (n/m)(mT)).
In fact, there can be no other cosets of length n/m, since they would have been part of an n-length
coset over GF(2^n), originally, by the definition of a cyclotomic coset.

The following three examples will help illustrate the preceding two results.

EXAMPLE 3-5: Let p = 2 and n = 12 = 2^2 · 3. Then p_1 = 2 and p_2 = 3, and so n/p_1 = 12/2 = 6 and n/p_2 =
12/3 = 4. Thus, the maximal subfields of GF(2^12) are GF(2^6) and GF(2^4), and the intersection of these two
subfields is the subfield GF(2^(gcd(6,4))) = GF(2^2). Hence, the number of elements in GF(2^12) of order
2^12 - 1 is

$$2^{12} - \{2^6 + 2^4\} + 2^2 = 4096 - \{64 + 16\} + 4 = 4096 - 76 = 4020$$

and so the number of 12-element cosets in GF(2^12) is 4020/12 = 335.

EXAMPLE 3-6: Let p = 3, and n = 15 = 3 · 5. Then p_1 = 3 and p_2 = 5, and so n/p_1 = 15/3 = 5 and n/p_2 =
15/5 = 3. Thus, the maximal subfields of GF(3^15) are GF(3^5) and GF(3^3). Since gcd(3, 5) = 1 = 3^0 · 5^0,
the intersection of these two subfields is GF(3^1), and so there are

$$3^{15} - \{3^5 + 3^3\} + 3^1$$

elements of order (3^15 - 1) in GF(3^15). Thus, there are

$$\frac{14{,}348{,}907 - 270 + 3}{15} = \frac{14{,}348{,}640}{15} = 956{,}576$$

15-element cosets in GF(3^15).
EXAMPLE 3-7: Let p = 2 and n = 360 = 2^3 · 3^2 · 5. Then p_1 = 2, p_2 = 3, and p_3 = 5. Hence, n/p_1 =
360/2 = 180, n/p_2 = 360/3 = 120, and n/p_3 = 360/5 = 72. Thus, the maximal subfields of GF(2^360) are
GF(2^180), GF(2^120), and GF(2^72). Next, gcd(180, 120) = 60, gcd(180, 72) = 36, and gcd(120, 72) = 24.
Finally, gcd(60, 36) = gcd(60, 24) = gcd(36, 24) = 12. Note also that p_1^(k_1 - 1) · p_2^(k_2 - 1) · p_3^(k_3 - 1) = 2^2 ·
3^1 · 5^0 = 4·3·1 = 12. Thus, the number of 360-element cosets in GF(2^360) is

Since the cosets of length n in GF(p^n) correspond to irreducible polynomials (recall that all minimal
polynomials are irreducible), Proposition 3-3 gives the number of irreducible polynomials over the base field
GF(p). To determine which of these polynomials are primitive, it is sufficient to observe if the exponent
of any element of a coset has a factor (other than 1) in common with the order of the field p^n - 1. If there
is such a factor, the corresponding minimum polynomial is not primitive (because the elements of the coset
cannot be primitive elements of the field); otherwise it is primitive. The next example illustrates this
principle.


EXAMPLE 3-8: Let p = 2 and n = 8 = 2^3. Since 8 is the power of a single prime it is necessary to subtract
only the single maximal subfield GF(2^4) of GF(2^8), i.e., there are

$$\tfrac{1}{8}\,(240) = 30$$

cosets in GF(2^8) with 8 elements (see [2, page 476] - note that there are 16 irreducible polynomials of
degree 8 listed there. Fourteen of those have different reciprocals and two are self-reciprocal. Thus, there are
14 × 2 + 2 = 30 distinct irreducible polynomials listed there). To determine the number of primitive
polynomials, the order of GF(2^8) - {0}, 2^8 - 1 = 255 = 3 · 5 · 17, is needed. In Table 3-3, the lowest
exponent of each cyclotomic coset is listed and whether the corresponding minimum polynomial is primitive.
(Note that all the cosets which are not associated with a primitive polynomial have lowest exponent having
a common factor with 255.)


Note that if γ^1 represents a primitive element from the first coset, then γ^1, γ^3, γ^5, γ^7, and γ^15 =
γ^0 = 1 represent the different cosets of GF(2^4) (all the elements except 0 are accounted for).
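
The coset breakdown, the primitivity test and the count of Proposition 3-3 can be checked mechanically against Tables 3-1 to 3-3 and Examples 3-5, 3-6 and 3-8. The following is an added example, not part of the original report; the function names are illustrative, and the count is written as inclusion-exclusion over sets of maximal subfields, which is the procedure the proof of Proposition 3-3 describes.

```python
"""Cyclotomic cosets of exponents, the primitivity test, and the count T."""
from functools import reduce
from itertools import combinations
from math import gcd


def cyclotomic_cosets(p, n, m=1):
    """Cosets of GF(p^n) - {0} over GF(p^m), as lists of exponents 1..p^n - 1.

    Conjugation over GF(p^m) maps the exponent j to j * p^m mod (p^n - 1);
    the exponent 0 is written p^n - 1, as in the report's tables.
    """
    order, q = p**n - 1, p**m
    seen, cosets = set(), []
    for j in range(1, order + 1):
        if j in seen:
            continue
        coset, e = [], j
        while e not in coset:
            coset.append(e)
            e = (e * q) % order or order
        seen.update(coset)
        cosets.append(coset)
    return cosets


def is_primitive_coset(coset, p, n, m=1):
    """Full-length coset whose exponents share no factor with p^n - 1.

    Checking the lowest exponent is enough: multiplying by p^m does not
    change the gcd with p^n - 1.
    """
    return len(coset) == n // m and gcd(coset[0], p**n - 1) == 1


def distinct_primes(n):
    """Distinct prime divisors p_1, ..., p_t of n, by trial division."""
    primes, d = [], 2
    while d * d <= n:
        if n % d == 0:
            primes.append(d)
            while n % d == 0:
                n //= d
        d += 1
    if n > 1:
        primes.append(n)
    return primes


def count_full_cosets(p, n):
    """T of Proposition 3-3: the number of n-element cosets of GF(p^n) over GF(p).

    Each set of maximal subfields GF(p^(n/p_i)) intersects in GF(p^g), with g
    the gcd of the exponents; its p^g elements enter with alternating sign.
    """
    exps = [n // r for r in distinct_primes(n)]
    total = p**n
    for size in range(1, len(exps) + 1):
        for subset in combinations(exps, size):
            total += (-1) ** size * p ** reduce(gcd, subset)
    return total // n


def primitive_leaders(p, n, m=1):
    """Lowest exponents of the cosets whose minimum polynomial is primitive."""
    return [c[0] for c in cyclotomic_cosets(p, n, m)
            if is_primitive_coset(c, p, n, m)]


if __name__ == "__main__":
    for c in cyclotomic_cosets(2, 8):          # the rows of Table 3-3
        print(c[0], len(c), is_primitive_coset(c, 2, 8))
    print(count_full_cosets(2, 12), count_full_cosets(3, 15))
```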

It is often necessary to generate the Galois field GF(p^(2n)) from GF(p^n) with a primitive polynomial of
degree 2 over GF(p^n). It is possible to choose a primitive element in GF(p^(2n)) and its conjugate with respect
to GF(p^n) (see Proposition 3-1) and calculate a primitive polynomial of degree two. For designing the
Galois multiplier for GF(p^(2n)) by doing the actual multiplication over GF(p^n), it is necessary to know how to
write the primitive element and its conjugate with coefficients in GF(p^n). The next proposition tells exactly
how to do that.


TABLE 3-3. LIST OF COSETS FOR GF(2^8) (LOWEST EXPONENTS ONLY)

        LOWEST                           LOWEST                           LOWEST
 COSET  EXPONENT  PRIMITIVE       COSET  EXPONENT  PRIMITIVE       COSET  EXPONENT  PRIMITIVE
  1.       1      YES              13.      25     NO               25.      59     YES
  2.       3      NO               14.      27     NO               26.      61     YES
  3.       5      NO               15.      29     YES              27.      63     NO
  4.       7      YES              16.      31     YES              28.      85     (2 ELEMENTS)
  5.       9      NO               17.      37     YES              29.      87     NO
  6.      11      YES              18.      39     NO               30.      91     YES
  7.      13      YES              19.      43     YES              31.      95     NO
  8.      15      NO               20.      45     NO               32.     111     NO
  9.      17      (4 ELEMENTS)     21.      47     YES              33.     119     (4 ELEMENTS)
 10.      19      YES              22.      51     (4 ELEMENTS)     34.     127     YES
 11.      21      NO               23.      53     YES              35.     255     (1 ELEMENT)
 12.      23      YES              24.      55     NO

PROPOSITION 3-9: Let p be a prime number and let n be a positive integer. Suppose that α is a primitive element of GF(p^n) and that f(x) = x^2 + α^j·x + α^k is a primitive polynomial over GF(p^n) generating GF(p^2n). If γ is a root of f, and if m is a positive integer, then the conjugate element (γ^m)^(p^n) of γ^m = s + t·γ with respect to GF(p^n) is

    γ^(m·p^n) = ((p - 1)t·α^j + s)·1_2n + (p - 1)t·γ        (3.3)

for s and t in GF(p^n). In particular if γ^m is an element of GF(p^n), i.e., if t = 0, then γ^m is self-conjugate.

Proof: Since γ^m and γ^(m·p^n) are conjugates with respect to GF(p^n) by Proposition 3-1, they are the two roots of a quadratic polynomial over GF(p^n). In fact, they satisfy the polynomial

    (x - γ^m)(x - γ^(m·p^n)) = x^2 - (γ^m + γ^(m·p^n))·x + γ^m·γ^(m·p^n)

and so the coefficients γ^m + γ^(m·p^n) and γ^m·γ^(m·p^n) must lie in GF(p^n). Suppose γ^(m·p^n) = a + b·γ. Then

    γ^m + γ^(m·p^n) = (s + t·γ) + (a + b·γ) = (s + a) + (t + b)·γ        (3.4)

and

    γ^m·γ^(m·p^n) = (s + t·γ)(a + b·γ) = sa + (ta + sb)·γ + tb·γ^2        (3.5)

                  = sa + (ta + sb)·γ + tb·[-(α^j·γ + α^k)] = sa + (ta + sb)·γ + (p - 1)(α^j·γ + α^k)·tb

                  = [sa + (p - 1)·α^k·tb]·1_2n + [ta + sb + (p - 1)·α^j·tb]·γ.

Since γ^m + γ^(m·p^n) and γ^m·γ^(m·p^n) are in GF(p^n) and since elements of GF(p^2n) which lie in GF(p^n) are written h·1_2n + 0_n·γ for some h in GF(p^n),

    t + b = 0 from (3.4) and ta + sb + (p - 1)·α^j·tb = 0 from (3.5).

Thus, b = -t = (p - 1)t and together with the fact that (p - 1)^2 = 1 (mod p) (since p - 1 = -1 (mod p)), 0 = ta + s(p - 1)t + (p - 1)·α^j·t·(p - 1)t = ta + (p - 1)st + α^j·t^2. Finally, t = 0 or a + (p - 1)s + α^j·t = 0.

If t ≠ 0, then a + (p - 1)s + α^j·t = 0, and so a = -(p - 1)s - α^j·t = s + (p - 1)·α^j·t. Thus, γ^(m·p^n) = [s + (p - 1)·α^j·t] + (p - 1)t·γ, which agrees with (3.3).

If t = 0, then b = -t = 0, and so γ^(m·p^n) = a·1 + 0·γ = a·1. Also, since γ^(m·p^n) = (γ^m)^(p^n) = (s·1)^(p^n) = s^(p^n)·1 = s·1, a = s and γ^m is self-conjugate.

The next example, which illustrates the preceding proposition, will be discussed in more detail in the next section. That discussion occurs in the exposition of the generation of GF(2^8) from GF(2) in steps of degree 2.

EXAMPLE 3-10: Let p = 2 and n = 4, and suppose that f(x) = x^2 + x + g where g is a primitive element of GF(2^4). Then f is a primitive polynomial (see Example 4.2 below) which generates GF(2^8), and if w is a root of f, then w^2 + w + g = 0, i.e., w^2 = g·1_8 + 1_4·w. By Proposition 3-1, the other root of f is w^(2^4) = w^16. In order to apply the preceding proposition to write w^16 in a form with coefficients in GF(2^4), it is necessary to observe that in the context of Proposition 3-9, j = 0, k = 1, and s = 0 and t = 1 (since w = 0·1 + 1·w).

Thus, by (3.2), recalling that 1_4 is the unit element of GF(2^4) and that 1_8 is the unit element of GF(2^8),

    w^16 = ((2 - 1)·1·g^0 + 0)·1_8 + (2 - 1)·1·w = 1_8 + 1_4·w.

The conjugate (w^2)^16 = w^32 of w^2 = g·1_8 + 1_4·w (therefore s = g and t = 1) with respect to GF(2^4) is

    w^32 = ((2 - 1)·1·g^0 + g)·1_8 + (2 - 1)·1·w = (1 + g)·1_8 + w = g^12·1_8 + 1_4·w

(that g^12 = 1_4 + g in GF(2^4) can be seen in Table 4-2 in the next section).

Suppose that f(x) is a primitive polynomial of degree 2 over GF(p^2n) which generates GF(p^4n), and suppose that it is desired to determine a primitive polynomial of degree 4 which generates GF(p^4n) over GF(p^n). The following proposition tells how to calculate such a primitive polynomial from f(x). Before stating this proposition, though, the concept of a conjugate polynomial is needed.

Let f(x) = a_k·x^k + ... + a_1·x + a_0 and g(x) = b_k·x^k + ... + b_1·x + b_0 be two arbitrary polynomials over GF(p^2n). Then f(x) and g(x) are called conjugate polynomials if a_i and b_i are conjugate elements of GF(p^2n) with respect to GF(p^n) for every i = 0, 1, ..., k. By Proposition 3-1, b_i = a_i^(p^n) for every i.

PROPOSITION 3-11: Let f(x) = x^2 + α^j·x + α^k and g(x) = x^2 + α^(j·p^n)·x + α^(k·p^n) be conjugate primitive polynomials over GF(p^2n). Then the polynomial r = f·g, given by

    r(x) = x^4 + (α^j + α^(j·p^n))·x^3 + (α^k + α^(j(p^n+1)) + α^(k·p^n))·x^2 + (α^(k+j·p^n) + α^(j+k·p^n))·x + α^(k(p^n+1)),

is a primitive polynomial with coefficients in GF(p^n) which generates GF(p^4n).

Proof: If γ denotes one root of r(x), the other three roots of r are in the same cyclotomic coset with respect to GF(p^n) as γ, and are given by γ^(p^n), γ^(p^2n), and γ^(p^3n) by Proposition 3-1. Since these four elements satisfy f(x) and g(x), and since f(x) and g(x) are primitive, γ, γ^(p^n), γ^(p^2n), and γ^(p^3n) are primitive elements of GF(p^4n). Hence r(x) is a primitive polynomial. It only remains to show that the coefficients of r(x) are in GF(p^n).

For convenience, r(x) will be written in the following way:

    r(x) = x^4 + a_3·x^3 + a_2·x^2 + a_1·x + a_0.

It must be shown that a_0, a_1, a_2, and a_3 are all in GF(p^n). This can be done by showing that (a_i)^(p^n - 1) = 1 for i = 0, 1, 2, 3. First, a_0.

    (a_0)^(p^n - 1) = (α^(k(p^n+1)))^(p^n - 1) = α^(k(p^2n - 1)) = (α^(p^2n - 1))^k = 1^k

since α is in GF(p^2n) (recall that for every nonzero element t in GF(p^m), t^(p^m - 1) = 1). Thus (a_0)^(p^n - 1) = 1, and so a_0 is in GF(p^n). Next it is shown that a_1 = α^(k+j·p^n) + α^(j+k·p^n) is in GF(p^n). Before this is done, however, the reader is reminded that for any two elements a and b of GF(p^n), (a + b)^p = a^p + b^p [2, Theorem 0.14] and so

    (a_1)^(p^n) = (α^(k+j·p^n) + α^(j+k·p^n))^(p^n) = (α^(k+j·p^n))^(p^n) + (α^(j+k·p^n))^(p^n)

                = α^(k·p^n)·(α^(p^2n))^j + α^(j·p^n)·(α^(p^2n))^k = α^(k·p^n)·α^j + α^(j·p^n)·α^k

                = α^(j+k·p^n) + α^(k+j·p^n) = a_1.

Note that α^(p^2n) = α since α is in GF(p^2n), i.e., for all nonzero elements of GF(p^2n), α^(p^2n) = α is equivalent to α^(p^2n - 1) = 1. Similarly, since it has now been shown that (a_1)^(p^n) = a_1 it can be concluded that a_1 is in GF(p^n). Next a_2 must be considered.

    (a_2)^(p^n) = (α^k + α^(j(p^n+1)) + α^(k·p^n))^(p^n) = α^(k·p^n) + α^(j(p^n+1)·p^n) + α^(k·p^n·p^n)

                = α^(k·p^n) + α^(j·p^2n)·α^(j·p^n) + α^(k·p^2n) = α^(k·p^n) + (α^(p^2n))^j·α^(j·p^n) + (α^(p^2n))^k

                = α^(k·p^n) + α^j·α^(j·p^n) + α^k = α^k + α^(j(p^n+1)) + α^(k·p^n) = a_2,

and so a_2 is in GF(p^n). Next a_3.

    (a_3)^(p^n) = (α^j + α^(j·p^n))^(p^n) = α^(j·p^n) + α^(j·p^n·p^n) = α^(j·p^n) + (α^(p^2n))^j = α^(j·p^n) + α^j = a_3,

and so a_3 is in GF(p^n). Thus all the coefficients of r(x) are in GF(p^n) and so r(x) is a primitive polynomial over GF(p^n).


Thus, it is not difficult to design a GF(p^4n) Galois multiplier over GF(p^n) if the design of a GF(p^4n) multiplier is known over GF(p^2n).

SECTION 4
EXAMPLES

4.1 INTRODUCTION

In this section, two examples are given illustrating the concept of subfield multiplication which was discussed in the introduction to this report. Much of the procedure needed to do subfield multiplication is based on the results of the preceding section.

The first example shows the process of constructing GF(2^8) in steps of degree 2, i.e., via GF(2^1) → GF(2^2), GF(2^2) → GF(2^4), and GF(2^4) → GF(2^8). This example is the same one used in reference [6], but it is given in much more detail here. The second example deals with the construction of GF(3^4) from GF(3^2). In both examples it will be shown how to multiply two elements in the larger field by carrying out the actual multiplication in their subfields.

4.2 CONSTRUCTION OF A GF(2^8) MULTIPLIER USING SUBFIELD MULTIPLIERS

To begin the construction of a GF(2^8) Galois linear module using a GF(2^4) multiplier, one starts with a GF(2^2) module using GF(2^1) multipliers, i.e., AND gates. To construct such a module, a primitive polynomial of degree 2 is chosen over GF(2^1). There is exactly one such polynomial, p(x) = x^2 + x + 1 [2, page 476]. Let t be a root of p. Then 0 = p(t) = t^2 + t + 1, and so t^2 = 1 + t. Using this equation, the code for the field GF(2^2) = {0_2, 1_2, t, t^2} can be easily computed; see Table 4-1. (For example, t has the code 01 since t = 0·1 + 1·t. In the remainder of this report, the 0 and 1 element of GF(2^m) will be labelled 0_m and 1_m for every m greater than 1.)


TABLE 4-1. A CODE FOR GF(2^2) OVER GF(2^1)

0_2    0  0
1_2    1  0
t      0  1
t^2    1  1

Now the Galois multiplier for GF(2^2) is constructed. If {1_2, t} is the ordered basis used, the basis product matrix (see the Appendix) is given by

    [ 1·1  1·t ]   [ 1  t   ]   [ 10  01 ]
    [ t·1  t·t ] = [ t  t^2 ] = [ 01  11 ]

The next step is to construct a GF(2^4) multiplier out of GF(2^2) multipliers. It can be seen in Table 3-2 that there are 6 irreducible polynomials of degree 2 over GF(2^2) of which 4 are primitive. This fact also follows from Corollary 3-4 since T = (1/4)(2^4 - 2^2) = 12/4 = 3 is the number of 4-element cosets over GF(2^1), and hence there are (4/2)·T = (4/2)·3 = 6 irreducible polynomials of degree n/m = 4/2 = 2 over GF(2^2). Again from Table 3-2, there are two cyclotomic cosets (numbers 3 and 4) which have a factor (3) in common with the order 2^4 - 1 = 15 of the cyclic group GF(2^4) - {0}. The primitive polynomial that is used in this discussion is x^2 + tx + t. If g denotes a root of x^2 + tx + t, then g^2 = t + tg, and if {1_4, g} is the ordered basis chosen, then the following code (Table 4-2) is obtained for GF(2^4).


TABLE 4-2. A CODE FOR GF(2^4) OVER GF(2^2) AND GF(2^1)

GF(2^4)   GF(2^2)      GF(2^1)
0_4       0_2   0_2    0000
1_4       1_2   0_2    1000
g         0_2   1_2    0010
g^2       t     t      0101
g^3       t^2   1_2    1110
g^4       t     1_2    0110
g^5       t     0_2    0100
g^6       0_2   t      0001
g^7       t^2   t^2    1111
g^8       1_2   t      1001
g^9       t^2   t      1101
g^10      t^2   0_2    1100
g^11      0_2   t^2    0011
g^12      1_2   1_2    1010
g^13      t     t^2    0111
g^14      1_2   t^2    1011

The primitive polynomial x^2 + tx + t used to generate GF(2^4) from GF(2^2) has conjugate polynomial x^2 + t^2·x + t^2 (see the preceding section for the definition of conjugate polynomial). Thus, by Proposition 3-11, the product of these two polynomials is the primitive polynomial of degree 4 which generates GF(2^4) from GF(2^1). Using Table 4-1 to carry out the calculations in GF(2^2), it is possible to see that x^4 + x^3 + 1 is this primitive polynomial over GF(2^1). In fact


The next step is to see how multiplication can be done with GF(2^2) multipliers. Again, the ordered basis which is used here is {1_4, g}, and so the multiplication matrix is

    M^(4,2) = [ 1_4·1_4  1_4·g ]   [ 1_2 0_2   0_2 1_2 ]
              [ g·1_4    g·g   ] = [ 0_2 1_2   t   t   ]

Thus, the two component matrices of GF(2^4) over GF(2^2) in this case are

    M_1^(4,2) = [ 1_2  0_2 ]   and   M_2^(4,2) = [ 0_2  1_2 ]
                [ 0_2  t   ]                     [ 1_2  t   ]

These two matrices tell exactly how to connect the four GF(2^2) multipliers in order to obtain a GF(2^4) multiplier; for example, to obtain the first 2-bit output of the GF(2^4) product, if M_1^(4,2) = ((m_ij)_1^(4,2)), then (m_11)_1 and (m_22)_1 are needed, the latter multiplied by t; similarly, the second 2-bit output is obtained by adding (m_12)_2, (m_21)_2, and (m_22)_2 times t. To construct a t-multiplier one uses the Beethoven method of Ellison [4]. In particular, the two bits in the t-multiplier are calculated by (tM)_1 = t·M_1^(2,1)·x* and (tM)_2 = t·M_2^(2,1)·x* where x* is the transpose of x = (x_1 x_2) (if x is the row vector (x_1 x_2), then x* is the column vector with entries x_1 and x_2); since t = 01,

    (tM)_1 = (01) [ 1 0 ] [ x_1 ] = (01) [ x_1 ] = x_2
                  [ 0 1 ] [ x_2 ]        [ x_2 ]

    (tM)_2 = (01) [ 0 1 ] [ x_1 ] = (11) [ x_1 ] = x_1 + x_2.
                  [ 1 1 ] [ x_2 ]        [ x_2 ]

Thus, a t-multiplier can be drawn as in Figure 4-2.

FIGURE 4-2. A CONSTANT t MULTIPLIER IN GF(2^2)

The next step in order to build a GF(2^8) multiplier over GF(2^4) is to generate a code for GF(2^8) over GF(2^4). In Example 3-8 it was shown that there are 30 irreducible polynomials of degree 8 over GF(2^1) of which 16 are primitive (see Table 3-3). By Corollary 3-4 there are (8/2)·16 = 64 primitive polynomials of degree 2 over GF(2^4). The one chosen here is p(x) = x^2 + x + g. One root of this equation in GF(2^8) is called w, and therefore the other one is w^(2^4) = w^16 by Proposition 3-1. Hence w satisfies the equation w^2 = w + g and from this equation the entire field GF(2^8) minus 0 can be written as a power of w. The ordered basis used for generating GF(2^8) over GF(2^4) is {1_8, w} and so the basis matrix for GF(2^8) over GF(2^4) is

    [ 1_8  w   ]   [ 1_4 0_4   0_4 1_4 ]
    [ w    w^2 ] = [ 0_4 1_4   g   1_4 ]

with component matrices

    [ 1_4  0_4 ]   and   [ 0_4  1_4 ]
    [ 0_4  g   ]         [ 1_4  1_4 ]


Once again a constant multiplier is needed in a subfield multiplier, in this case a constant g-multiplier. As in the case of the constant t-multiplier described earlier in this section, the g-multiplier is constructed by the Beethoven method. Before describing the construction of the constant g-multiplier, Figure 4-4 shows the GF(2^8) multiplier over GF(2^4). Note the similarities of this multiplier to the GF(2^2) multiplier over GF(2^1) in Figure 4-1, and the GF(2^4) multiplier over GF(2^2) in Figure 4-3.

Now, for the constant g-multiplier. From Table 4-2, the ordered basis of GF(2^4) over GF(2^1) consisting of unit vectors is given by {1_4, g^5, g, g^6} = {1000, 0100, 0010, 0001}. Again using the basis product matrix method and the Beethoven reduction method, the g-multiplication gate can be determined:


    [ 1    g^5   g    g^6  ]   [ 1000  0100  0010  0001 ]
    [ g^5  g^10  g^6  g^11 ]   [ 0100  1100  0001  0011 ]
    [ g    g^6   g^2  g^7  ] = [ 0010  0001  0101  1111 ]
    [ g^6  g^11  g^7  g^12 ]   [ 0001  0011  1111  1010 ]


Thus, 


It  can  now  be  concluded  that  the  g-multiplication  gate  is  as  shown  in  Figure  4-5. 



It turns out that subfield multiplication can be done bit-serially. By computing in this manner, it takes only one GF(2^4) multiplier to do GF(2^8) multiplication as Figure 4-6 shows. It is believed that the advantages of bit-serial implementation are most strongly felt for very large n when the underlying multiplier becomes prohibitively large. Here, multilevel logic may have a strong impact also. However, with or without multilevel logic, subfield multipliers offer much potential for complexity reduction.


A natural question at this point is to ask whether it is possible to use the technique stated above to build GF(2^8) multipliers out of GF(2^2) multipliers. The answer is in the affirmative, and the process is described below.


To begin with, recall from Proposition 3-11 that a primitive polynomial of degree 4 over GF(2^2) can be obtained from a primitive polynomial of degree 2 over GF(2^4) by multiplying the latter polynomial by its conjugate polynomial. (See the definition of conjugate polynomial in the paragraph preceding Proposition 3-11.) Since x^2 + x + g is the original polynomial, its conjugate is x^2 + x + (g)^(2^2) = x^2 + x + g^4 (by Proposition 3-1, g^(2^2) = g^4 is the conjugate of g in GF(2^4) with respect to GF(2^2)). Therefore, the primitive polynomial generating GF(2^8) from GF(2^2) in this case is

    (x^2 + x + g)(x^2 + x + g^4) = x^4 + 0·x^3 + (g + g^4 + 1)·x^2 + (g + g^4)·x + g^5 = x^4 + t^2·x^2 + t·x + t.

(See Table 4-2 for the computations.) To determine the basis of unit vectors of GF(2^8) over GF(2^2), {1_2 0_2 0_2 0_2, 0_2 1_2 0_2 0_2, 0_2 0_2 1_2 0_2, 0_2 0_2 0_2 1_2}, one simply notices that this set is the same as {1_4 0_4, g 0_4, 0_4 1_4, 0_4 g} (see Table 4-2). Since 1_8 = 1_4 0_4 and w = 0_4 1_4, it is necessary only to determine j and k so that w^j = g 0_4 and w^k = 0_4 g (recall that g 0_4 is shorthand for g·1_8 + 0_4·w = g). Observe that w^j = (g 0_4) is in GF(2^4) and so (w^j)^15 = 1 (= w^255). Hence, 15j = 255 and so j = 17. Finally, w^k = 0_4·1 + g·w = w^17·w = w^18, so k = 18. Thus, the ordered basis of unit vectors for GF(2^8) over GF(2^2) is {1_8, w^17, w, w^18}, and so the basis product matrix is


    [ 1_8   w^17  w     w^18 ]
    [ w^17  w^34  w^18  w^35 ]
    [ w     w^18  w^2   w^19 ]
    [ w^18  w^35  w^19  w^36 ]

Using the facts that t is embedded in GF(2^8) as w^85 ((w^85)^3 = w^255 = 1) and t^2 is embedded as w^170, and that x^4 + t^2·x^2 + t·x + t is the primitive polynomial used to generate GF(2^8) from GF(2^2), it is possible to see that


    M^(8,2) = [ 1_2 0_2 0_2 0_2   0_2 1_2 0_2 0_2   0_2 0_2 1_2 0_2   0_2 0_2 0_2 1_2 ]
              [ 0_2 1_2 0_2 0_2   t   t   0_2 0_2   0_2 0_2 0_2 1_2   0_2 0_2 t   t   ]
              [ 0_2 0_2 1_2 0_2   0_2 0_2 0_2 1_2   0_2 1_2 1_2 0_2   t   t   0_2 1_2 ]
              [ 0_2 0_2 0_2 1_2   0_2 0_2 t   t     t   t   0_2 1_2   t^2 1_2 t   t   ]

Now, using the same procedure for constructing a t-multiplier it is possible to construct a constant t^2-multiplier. Finally, the entire GF(2^8) multiplier built out of 16 GF(2^2) multipliers can be designed. It is also possible to design the GF(2^8) multiplier out of a single GF(2^2) multiplier by sequentially inserting the inputs as it is done for the GF(2^8) multiplier over GF(2^4) (see Figure 4-6).
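
The tower of Section 4.2, together with the conjugate relations of Example 3-10 and the conjugate-polynomial products of Proposition 3-11, can be checked by direct computation. The Python sketch below is an added example, not part of the original report; the bit-tuple representation and all function names are assumptions.

```python
# Tower GF(2) -> GF(2^2) -> GF(2^4) -> GF(2^8) with the polynomials of Section 4.2.
# An element is a tuple of bits in the report's code order: the first half is the
# coefficient of 1, the second half the coefficient of the new basis element
# (t, g or w). The tuple layout and every function name here are assumptions.

T = (0, 1)                    # t in GF(2^2), code 01 (Table 4-1)
G = (0, 0, 1, 0)              # g in GF(2^4), code 0010 (Table 4-2)
W = (0, 0, 0, 0, 1, 0, 0, 0)  # w in GF(2^8), ordered basis {1_8, w}

# beta^2 = c0 + c1*beta for the basis element added at each width:
# t^2 = 1 + t,  g^2 = t + t*g,  w^2 = g + w.
REDUCTION = {2: ((1,), (1,)), 4: (T, T), 8: (G, (1, 0, 0, 0))}


def add(x, y):
    """Addition is bitwise XOR at every level of the tower."""
    return tuple(a ^ b for a, b in zip(x, y))


def mul(x, y):
    """Multiply two elements using only multipliers of the next subfield down."""
    n = len(x)
    if n == 1:
        return (x[0] & y[0],)          # the GF(2) multiplier is an AND gate
    h = n // 2
    x1, x2, y1, y2 = x[:h], x[h:], y[:h], y[h:]
    c0, c1 = REDUCTION[n]
    p22 = mul(x2, y2)
    # Component matrices M_1 = [1 0; 0 c0] and M_2 = [0 1; 1 c1].
    z1 = add(mul(x1, y1), mul(c0, p22))
    z2 = add(add(mul(x1, y2), mul(x2, y1)), mul(c1, p22))
    return z1 + z2


def one(n):
    return (1,) + (0,) * (n - 1)


def embed(x, n):
    """View a subfield element as an element of the n-bit field."""
    return x + (0,) * (n - len(x))


def power(x, e):
    r = one(len(x))
    for _ in range(e):
        r = mul(r, x)
    return r


def order(x):
    """Multiplicative order of a nonzero element."""
    k, y = 1, x
    while y != one(len(x)):
        y, k = mul(y, x), k + 1
    return k


def code(x):
    return "".join(map(str, x))


def table_4_2():
    """Codes of g^0 .. g^14 over GF(2), in the order of Table 4-2."""
    return [code(power(G, i)) for i in range(15)]


def poly_mul(f, g):
    """Product of two polynomials (lowest degree first) over one tower level."""
    n = len(f[0])
    out = [(0,) * n for _ in range(len(f) + len(g) - 1)]
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            out[i + j] = add(out[i + j], mul(a, b))
    return out


if __name__ == "__main__":
    print(table_4_2())
    print("order of g:", order(G), " order of w:", order(W))
    print("w^16 =", code(power(W, 16)), " w^17 =", code(power(W, 17)))
    t2 = mul(T, T)
    # (x^2 + t*x + t)(x^2 + t^2*x + t^2), coefficients lowest degree first
    print([code(c) for c in poly_mul([T, T, one(2)], [t2, t2, one(2)])])
```

Each call to `mul` on 2k-bit operands issues four variable k-bit multiplications plus two multiplications by the constants c0 and c1, which is the role the constant t- and g-multipliers play in the hardware.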

4.3 CONSTRUCTION OF A GF(3^4) MULTIPLIER USING SUBFIELD MULTIPLIERS

In this example a GF(3^4) Galois multiplier is constructed out of GF(3^2) multipliers. To begin with, GF(3) = {0, 1, 2} and the operations of addition and multiplication in GF(3) are given by addition and multiplication modulo 3, a generalization of GF(2) arithmetic.

In order to construct GF(3^2) from GF(3), the primitive polynomial p(x) = x^2 + 2x + 2 is used. If a root of p is labeled a, then a^2 = a + 1 (since 2 = -1 modulo 3), and the ternary code for GF(3^2) with ordered basis {1, a} is shown in Table 4-3.


The multiply matrix for GF(3^2) is

    [ 1  a   ]   [ 10  01 ]
    [ a  a^2 ] = [ 01  11 ]

and so

    M_1 = [ 1 0 ]   and   M_2 = [ 0 1 ]
          [ 0 1 ]               [ 1 1 ]

Thus, a GF(3^2) multiplier for the ternary code is illustrated in Figure 4-7.

FIGURE 4-7. A GF(3^2) MULTIPLIER OVER GF(3)


By Proposition 3-3 there are

    (1/4)(3^4 - 3^2) = (1/4)(81 - 9) = 72/4 = 18

cyclotomic cosets of length 4 in GF(3^4). Hence, by Corollary 3-4 there are mT = 2 · 18 = 36 2-element cyclotomic cosets in GF(3^4) with respect to GF(3^2). In Table 4-4 below it can be seen that only 8 of the cosets in GF(3^4) over GF(3) have no factor in common with the order, 3^4 - 1 = 80, of the cyclic group GF(3^4) - {0} of GF(3^4).

TABLE 4-4. TERNARY COSETS IN GF(3^4) WITH LOWEST EXPONENT IN EACH CLASS NAMED
(1 IS {b^1, b^3, b^9, b^27}, 2 IS {b^2, b^6, b^18, b^54}, ETC.)

COSET   LOWEST EXPONENT   PRIMITIVE MINIMUM POLYNOMIAL
 1.       1               YES
 2.       2               NO
 3.       4               NO
 4.       5               NO
 5.       7               YES
 6.       8               NO
 7.      10               (2 ELEMENT COSET)
 8.      11               YES
 9.      13               YES
10.      14               NO
11.      16               NO
12.      17               YES
13.      20               (2 ELEMENT COSET)
14.      22               NO
15.      23               YES
16.      25               NO
17.      26               NO
18.      40               (1 ELEMENT COSET)
19.      41               YES
20.      44               NO
21.      50               (2 ELEMENT COSET)
22.      53               YES
23.      80               (1 ELEMENT COSET)
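
The coset counts used in Example 3-8 (Table 3-3) and in this section (Table 4-4) can be recomputed from the exponents alone. The Python sketch below is an added example, not part of the original report; the function names are assumptions, and exponent 0 is reported as p^n - 1 to match the last row of each table.

```python
from math import gcd


def cyclotomic_cosets(p, n):
    """Cyclotomic cosets of exponents modulo p^n - 1 under multiplication by p.

    Returns (lowest_exponent, size, primitive) tuples ordered by lowest
    exponent. The coset of exponent 0 is listed under p^n - 1.
    """
    order = p ** n - 1
    seen = set()
    cosets = []
    for e in range(1, order + 1):
        r = e % order
        if r in seen:
            continue
        size = 0
        while r not in seen:          # walk e, e*p, e*p^2, ... until it closes
            seen.add(r)
            size += 1
            r = (r * p) % order
        # The elements of a coset are primitive exactly when the exponent has
        # no factor in common with the group order p^n - 1.
        cosets.append((e, size, gcd(e, order) == 1))
    return cosets


def summarize(p, n):
    cosets = cyclotomic_cosets(p, n)
    return {
        "cosets": len(cosets),
        "full_size": sum(1 for c in cosets if c[1] == n),
        "primitive": sum(1 for c in cosets if c[2]),
        "lowest": [c[0] for c in cosets],
    }


def primitive_polys_over_subfield(p, n, m):
    """Number of primitive polynomials of degree n/m over GF(p^m).

    Every primitive coset of n elements over GF(p) splits into m cosets of
    n/m elements over GF(p^m), one per primitive polynomial.
    """
    if n % m:
        raise ValueError("GF(p^m) is a subfield of GF(p^n) only if m divides n")
    return m * summarize(p, n)["primitive"]


if __name__ == "__main__":
    for p, n in ((2, 8), (3, 4)):
        s = summarize(p, n)
        print(f"GF({p}^{n}): {s['cosets']} cosets, {s['full_size']} of size {n}, "
              f"{s['primitive']} primitive")
    print(primitive_polys_over_subfield(2, 8, 4))   # degree 2 over GF(2^4)
    print(primitive_polys_over_subfield(3, 4, 2))   # degree 2 over GF(3^2)
```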

Hence, these 8 · 4 = 32 elements are primitive, and are, of course, primitive with respect to GF(3^2). Thus, there are 16 2-element cyclotomic cosets of primitive elements in GF(3^4) with respect to GF(3^2), and so there are 16 primitive polynomials of degree 2 over GF(3^2) with which to generate GF(3^4). The one used here is g(x) = x^2 + x + a. If b is a root of g(x) in GF(3^4), then 0 = b^2 + b + a and so b^2 = -a - b = 2a + 2b. A close look at Table 4-3 shows that GF(3) viewed as a subfield of GF(3^2) consists of the elements 0, 1, and a^4 (0 → 0, 1 → 1, and 2 → a^4) and so b^2 = 2a·1 + 2b = a^4·a·1 + a^4·b = a^5·1 + a^4·b, with coefficients in GF(3^2). Thus, the basis product matrix for GF(3^4), with respect to the basis {1, b}, is

    M = [ 1  b   ]   [ 1 0   0 1     ]
        [ b  b^2 ] = [ 0 1   a^5 a^4 ]

and so

    M_1 = [ 1  0   ]   and   M_2 = [ 0  1   ]
          [ 0  a^5 ]               [ 1  a^4 ]


From M_1 and M_2 it can be seen that constant multipliers for a^4 and a^5 are needed to build the GF(3^4) multiplier over GF(3^2) by the Beethoven reduction method [4]. For a^4, multiplication by an arbitrary element z = z_1 z_2 of GF(3^2), with z_1 and z_2 in GF(3), is the same as multiplication by 2, and, for a^5,

    (02) [ 0 1 ] [ z_1 ] = (22) [ z_1 ] = 2z_1 + 2z_2.
         [ 1 1 ] [ z_2 ]        [ z_2 ]

Thus, the multipliers for a^4 and a^5 are shown in Figure 4-8 and are very simple compared to the complexity of the total GF(3^4) multiplier, as can be seen in Figure 4-9. Here two elements x = x_1 x_2 and y = y_1 y_2 in GF(3^4), with x_i and y_i in GF(3^2), are multiplied together.

FIGURE 4-8. CONSTANT a^4 = 2 AND a^5 MULTIPLIERS

SECTION 5
SUMMARY

A method of multiplying in arbitrary Galois fields by doing the actual multiplication in a subfield is presented in this report. The process can be carried out either in a parallel fashion or bit-serially. A theoretical discussion in Paragraph 3.3 establishes a basis for this subfield multiplication process. The two examples in Section 4 show the implementation of the process both in binary and ternary fields.


SECTION 6
FUTURE WORK

One of the most important applications of Galois fields is signal processing (see, for example, [5] and [7]). The Galois fields involved in the discussions of Reed, et al. are for the most part of the form GF(p) or GF(p^2) for very large and very special primes p. These primes are such that the cyclic group GF(p) - {0} has order a multiple of a power of two. Therefore it is possible that the subfield multiplication process presented in this report generalizes to a subgroup multiplication process, and that present GF(2^n) multipliers can be used to perform GF(p) or GF(p^2) arithmetic. If so, the added on-line fault detection implicit in GF(2^n) multipliers can be utilized to do GF(p^n) arithmetic. Therefore, an investigation of the potential of subgroup multiplication is needed in order to determine the feasibility of applying known techniques to do GF(p^n) arithmetic.

Other methods of performing Galois field arithmetic for large p should be investigated also. In particular, hardware implementation of modular Galois arithmetic should be investigated.

Another important application of Galois fields is error coding where a semi-fast Fourier transform algorithm has been developed for use in Galois fields GF(2^n) [8]. The use of present GF(2^n) multipliers is possible here, and it is important to study the potential of the use of the Galois multiplier which has the on-line parity detection. In this case there would be a check (parity bit) on the checker (code).




APPENDIX

BASIS PRODUCT MATRICES

Let B = {b_i} be an ordered basis in GF(p^n) over GF(p^m), which consists of n/m elements and let

    x = Σ_{i=1}^{n/m} x_i·b_i   and   y = Σ_{j=1}^{n/m} y_j·b_j,   p any prime.

Then the product xy is

    Σ_{i,j} x_i·y_j·b_i·b_j.

Let b_ij = b_i·b_j and let M^(n,m) = ((m_ij)_k^(n,m)) be defined by

    b_ij = Σ_{k=1}^{n/m} (m_ij)_k^(n,m)·b_k.

Then xy = (Σ_i x_i·b_i)(Σ_j y_j·b_j) = Σ_i Σ_j x_i·y_j·b_ij = Σ_i Σ_j x_i·y_j Σ_k (m_ij)_k^(n,m)·b_k

        = Σ_k [Σ_i Σ_j x_i·y_j·(m_ij)_k^(n,m)]·b_k.

Therefore, if xy = Σ_k z_k·b_k, then z_k = Σ_i Σ_j x_i·y_j·(m_ij)_k^(n,m) = y·M_k^(n,m)·x*.

The matrix M_k^(n,m) is called the kth component basis product matrix and M^(n,m) = (M_k^(n,m)) is called the basis product matrix for GF(p^n) over GF(p^m).

EXAMPLE: Let n = 4 and m = 2. Then n/m = 4/2 = 2. Let B = {1, g} and pick x = g^7 = t^2 + t^2·g and y = g^11 = t^2·g (see Table 4-2). Then the basis product matrix M^(4,2) is

    M^(4,2) = [ 1_4·1_4  1_4·g ]   [ 1_2 0_2   0_2 1_2 ]
              [ g·1      g·g   ] = [ 0_2 1_2   t   t   ]

    M_1^(4,2) = [ 1_2  0_2 ]        M_2^(4,2) = [ 0_2  1_2 ]
                [ 0_2  t   ]                    [ 1_2  t   ]

If xy = Σ_k z_k·b_k = z_1·1_4 + z_2·g, then